Dealing with nuisance calls and spam.

At Three, we take all forms of nuisance, malicious, spam or phishing attempts seriously.

If you received a text message asking you to enter your card details or other personal information, it’s likely text spam and you should delete the message immediately.

Smishing.

Text spam (also known as SMS Phishing or Smishing for short) is a common method used by scammers to trick you into going to a website or to call a specified number. Once you’ve responded, they’ll ask you to provide confidential details, attempt to infect your device with malware, or get you to respond to a premium rate service.

These messages can be very convincing and look like genuine messages sent by organisations you deal with.

What does a Smishing message look like?

If done well, it’ll look like a genuine message you’d receive from us, but there are some clues to look out for:

Smishing messages often make a request that plays on your emotions. For example, the message might claim that:

• You’re in danger of being locked out of your account, or that your Three account has been compromised if you don’t respond.
• You've won something or can get something for free or at a bargain price – but only if you act fast.

Simply receiving a Smishing message won’t affect the security of your device or information, you have to reply to the message for that to happen. As a result, they’ll always seek for you to take an action, such as:

• Clicking on a link (which could install malware on your device)
• Entering confidential information, e.g., passwords, date of birth etc.
• Phoning a number and asking you for confidential information or to get you to call a premium rate service. 

What should you do if you think you’ve received a suspicious message?

Our advice is:

• Don’t click on links unless you’re 100% sure they’re genuine.
• Think about whether the sender would contact you in this way – most companies won’t ask you to confirm bank details over text message.
• Remember the advice “If it looks too good to be true it probably is”.
• Don’t respond to any suspicious messages – this may lead to you being targeted again.
• Forward the message on to 7726 free of charge so your mobile phone provider can investigate and act.

If you’re still unsure, contact the sending organisation directly to confirm the authenticity of the message (don’t use any of the contact details included in the message) by going directly to their official website and use the contact details on their home page.

Need more information about staying safe online? Check out our Privacy and Security hub.

Spam messages.

Spam messages are usually marketing messages that are sent to you without you requesting them. They can often feel annoying or intrusive but can sometimes be stopped easily and are usually harmless if ignored. The people who send these messages may be trying to access your personal information, sell you a premium rate service or encourage you to contact them so that you can be referred to another company that will try to sell you something.

At Three we're dedicated to protecting you from spam text messages. If you believe that you've received a one, we recommend you follow these steps:

• Check that the message is spam. Legitimate marketing messages will usually be received from a shortcode or company that you recognise because in the past you've asked to receive their messages or used a service from them. Find out more about shortcodes.
• Report the spam message to us by:
  • Forwarding the unwanted message free of charge to 7726
  • Forwarding the number of the person who sent you the message free of charge to 7726
• Check the type of message:
• If you've received the message from a shortcode, or you get the option to stop receiving future messages, reply 'Stop All' to stop the messages.
• If you've received the message from a mobile phone number or any other untrustworthy source, we recommend that you don't respond to the message in any way.
• If the message is about accident insurance claims, we strongly recommend that you don't respond to these messages in any way and that you report them to us immediately.

We may not be able to completely stop all unwanted messages on our network, but we'll always do our best to protect you from spam.

If you're worried about the spam messages you've received, you can report your message to the Information Commissioner's Office (ICO) who will be able to help you.

When you make a report, you should include:

• the time and date you received the message
• the content of the message.

It may not be possible for the ICO to follow up individual complaints if you haven't got any details about the company.

Spam calls.

Sometimes you might get calls on your phone that play automated messages when you answer. These calls will often try to sell you things like personal injury legal services, or PPI. We consider these spam calls, and they can be unsolicited, annoying and sometimes illegal.

If you get one of these calls, you should hang up straight away. Don’t make any number selections during the call, even if it says that doing so will prevent future calls.

• Report the spam call to us by:
  • Texting the word ‘call’ followed by the spam number to 7726.

We’re working with other operators, industry bodies and the government to try to stop people getting these calls.

Spoofing – Nuisance callers changing their Caller ID.

What is Spoofing.

Most phones let you see the number of the person calling before you answer, which is known as 'Caller ID' or 'Calling Line Identity' (CLI). However, there have been growing instances of nuisance callers and criminals deliberately changing the Caller ID, a practice known as 'spoofing'.

Sometimes there's a good reason for a caller to modify the Caller ID (for example, leaving an 0800 number for the customer to call back). However, with spoofing callers deliberately change the telephone number and/or name relayed as the Caller ID information.

They do this to either hide their identity or to try to mimic the number of a real company or person who has nothing to do with the real caller.

For example, identity thieves who want to steal sensitive information such as your bank account or login details, sometimes use spoofing to pretend they're calling from a bank or credit card company.

What's being done.

Calls with spoofed numbers can and do come from all over the world and account for a significant and growing proportion of nuisance calls.

Ofcom is working with the international regulators - as well as the telecoms industry - to find solutions to the problem.

What you can do.

Identity thieves and other fraudsters often pose as representatives of banks, credit card companies, creditors, or government departments to get people to reveal their account numbers and other sensitive information.

You should never give out personal information in response to an incoming call, or rely upon the Caller ID as the sole means of identification, particularly if the caller asks you to carry out an action which might have financial consequences.

If someone calls asking for this information, you shouldn't provide it. Instead, you should hang up and call the phone number on your account statement, in the phone book, or on the company's or government department's website to check whether the call was genuine. You should wait at least five minutes before making the call - this ensures the line has cleared and you're not still speaking to the fraudster or an accomplice.

You can report it to the police by calling 101 or 999 if the crime is in progress. Calls to 999 are free and available 24 hours a day 7 days a week. Calls to 101 are charged at 15p per call and available 24 hours a day 7 days a week.

If you think you've been a victim of call spoofing

1. Contact Action Fraud
   You can call Action Fraud on 0300 123 2040 (standard call rates apply) Monday to Friday between the hours of 8am to 8pm or visit www.actionfraud.police.uk. Action Fraud is the UK's national reporting centre for fraud and internet crime. However, if debit cards, online banking or cheques are involved in the scam your first step should be to contact your bank or credit card company.
2. Tell Trading Standards
   If you think something may be a scam, you can phone 03454 04 05 06 (standard call rates apply) Monday to Friday between the hours of 9am to 5pm and tell the Citizens Advice Consumer Service, who can pass details of the case on to Trading Standards.
   The Trading Standards service is responsible for protecting consumers and the community against rogue traders and traders acting unfairly.
3. The Telephone Preference Services (TPS)
   Register your mobile number with The Telephone Preference Service (TPS), it's a free service and is the official central opt out register on which you can record your preference not to receive unsolicited sales or marketing calls from all companies you have given consent to - https://www.tpsonline.org.uk/tps/number_type.html

How to dispute a blocked number.

If you believe your number’s been blocked by us and you’d like to appeal this decision, you can call us on 333 from your Three phone or 0333 338 1001 on any other phone (standard rates apply). We’ll arrange for your number to be investigated and if the request is approved we’ll unblock it within 5 working days.